[Standards-JIG] Re: The Great Encryption Debate
jajcus at jajcus.net
Tue Aug 9 11:44:41 UTC 2005
On Tue, Aug 09, 2005 at 02:46:08AM +0100, Ian Paterson wrote:
> Especially since, to gain Aunt Tillie's acceptance, the default mode
> needs to be 100% transparent for her (like https:).
But what security gives https: to Aunt Tillie? She usually will type
http:// address anyway and will be only redirected to https://. She will
not check if the address in the location bar is right, she will not
check certificate details. IMHO talking about security for Aunt Tillie
makes no much sense. IMHO it would be better to design things for a user
a bit smarter than Aunt Tillie, the one who is able to get anything from
any security features. And then we my try to make some of the features
accessible to Aunt Tillie (making things less secure for her than for
the primary target, of course).
More information about the Standards